Forum Discussion

The_Bhattman's avatar
The_Bhattman
Icon for Nimbostratus rankNimbostratus
Oct 14, 2005

Slow at processing rule?

Newbie here

 

 

I have an Rule created in 4.2

 

 

 

if (http_host == "signup.something.com" or http_host == "signup.somethingelse.com" or http_uri contains ".php") {

 

use ( upix_unix_php_80 )

 

}

 

else {

 

use ( upix_unix_80 )

 

}

 

 

 

When consumers come into a VIP forwarding to a the rule above, they are processed to the pool correctly. However, when they pull down a file via http - it's slow 200kb/s. If I turn off the rules and the http transfer is at 3.14 Mb/s

 

 

What could be issue?

 

 

-CB

 

 

"If you break it, I can fix it...If I can't fix it it's not broken"

 

application delivery
dev
devops
iRules
v4

3 Replies

Sort By
  • Martin_Machacek's avatar
    Martin_Machacek
    Historic F5 Account
    Oct 15, 2005
    Chetan,

     

     

    effective performance of TCP (HTTP) connections depends on many factors, but the rule is definitely not one of them :-) I'd suggest you do following 2 steps:

     

     

    a) upgrade to some supported version of BIG-IP (4.2 is out of software

     

    support for more than a year),

     

    b) contact F5 support

     

     

    I'd guess that you may have some path MTU discovery issues or somesuch. I can guarantee you that the rule is not the problem.
  • The_Bhattman's avatar
    The_Bhattman
    Icon for Nimbostratus rankNimbostratus
    Oct 15, 2005
    Well I would normally say yes to that, but how is it that a when using a rule it's slow and w/o it's fast?
  • Martin_Machacek's avatar
    Martin_Machacek
    Historic F5 Account
    Oct 17, 2005
    I'd guess that the reason for the performace lower throughput of a single TCP connection is the fact that BIG-IP has to do so called late-binding in order to evaluate the rule. Again, it is not a problem in rule evaluation per-se, rather an impact of using L7 loadbalancing vs. L4 loadbalancing. Lower performance while using a L7 rule is expected, however not to the level you are seeing (order of magnitude). That makes me think there is some other factor causing the performance degradation. In order to troubleshoot the problem I'd need to see full configuration of your system, packet captures etc. The best course of action for you is to contact F5 support and let one of our network support engineers help you. It is IMHO inappropriate for this for to troubleshoot this problem.